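/**
 * Handle a login form submission.
 *
 * Reads the submitted username and password, asks UserFinder to authenticate
 * them and, on success, marks the session as logged in, issues a persistent
 * "login" cookie and redirects to the destination stored in the session.
 * On failure it returns the data needed to re-render the login form.
 *
 * gpwd() is defined elsewhere; presumably it reads a form field with an
 * optional default -- confirm against its definition.
 *
 * @return array Template data for the login form (failure path only; the
 *               success path redirects and exits).
 */
function perform()
{
    $userFact = new UserFinder($_REQUEST['db']);
    $username = gpwd('username');
    $password = gpwd('password');

    // NOTE(security): the password is reduced to a single unsalted MD5 before
    // it is handed to authenticate(), so the stored credentials are presumably
    // unsalted MD5 as well. Changing that here would break every existing
    // login; plan a migration to password_hash()/password_verify() with a
    // rehash on the next successful login.
    $userId = $userFact->authenticate($username, md5($password));

    if ($userId === null) {
        // Authentication failed: show the form again with the username kept.
        // NOTE(review): 'username' is raw request data; the template must
        // HTML-escape it when rendering -- verify in content/loginForm.php.
        $result = array('renderer' => 'template_renderer.inc',
                        'pageTitle' => SITE_NAME . ' : Please Log In',
                        'header' => 'headers/header.php',
                        'content' => 'content/loginForm.php');
        $result['username'] = $username;
        return $result;
    }

    // Issue a fresh session id at the privilege change so that an id planted
    // before login (session fixation) does not become an authenticated one.
    // The session data, including 'destination', is carried over.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION['loggedIn'] = true;
    $_SESSION['userId'] = $userId;

    // Set a cookie as well. It is a long-lived login credential, so keep it
    // out of reach of page scripts (HttpOnly). Path and domain are passed as
    // their defaults.
    // NOTE(review): the Secure flag is left off because the transport is not
    // visible from here; enable it if the site is served over HTTPS only.
    // NOTE(review): the cookie does not expire for years; confirm that
    // createCookieValue() draws from a CSPRNG and that the stored value can be
    // revoked on logout or password change.
    $cookieVal = $this->createCookieValue();
    setcookie('login', $cookieVal, mktime(0, 0, 0, 0, 0, 2038), '', '', false, true);
    $userFact->setCookieCredentials($cookieVal, $userId);

    // NOTE(review): 'destination' is written elsewhere. If it can be derived
    // from request data it must be limited to same-site paths, otherwise this
    // is an open redirect; it may also be unset here -- confirm.
    header("Location: {$_SESSION['destination']}");
    exit;
}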
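/**
 * Build the template data for the "edit question" form.
 *
 * Loads the current user, the option lists for that user's library and the
 * question identified by the questionId request parameter.
 *
 * grwd()/gpwd() are defined elsewhere; presumably they read a request/form
 * field with an optional default -- confirm against their definitions.
 *
 * @return array|null Template data, or null when no questionId was supplied
 *                    (a plain message is echoed in that case).
 */
function perform()
{
    // Map the requested layout onto a known option-rendering function name.
    // Only names from this table are ever handed to the template; an unknown
    // or non-string layout falls back to the 'menus' default instead of
    // producing an undefined index and a null function name.
    $layout = grwd('layout', 'menus');
    $optionFunctions = array('pulldown' => 'getSelectPulldown',
                             'radio' => 'getRadioList',
                             'menus' => 'getSelectBox');
    if (is_string($layout) && isset($optionFunctions[$layout])) {
        $optionFunction = $optionFunctions[$layout];
    } else {
        $optionFunction = $optionFunctions['menus'];
    }

    // Ensure we have the variable questionId; "+ 0" coerces it to a number.
    $questionId = grwd('questionId', -1) + 0;

    $db = $_REQUEST['db'];
    $tsf = new TimeSpentFinder($db);
    $ptf = new PatronTypeFinder($db);
    $qff = new QuestionFormatFinder($db);
    $qtf = new QuestionTypeFinder($db);
    $if = new InitialsFinder($db); // constructed but not used in this method
    $lf = new LocationFinder($db);
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);

    // Explicit default so the "not found" path returns null without relying
    // on an undefined variable.
    $result = null;

    if ($questionId != -1) {
        // to the edit form!
        $result = array('renderer' => 'template_renderer.inc',
                        'pageTitle' => SITE_NAME . ' : Edit Question',
                        'content' => 'content/questionEditForm.php');
        $result['optionFunction'] = $optionFunction;

        $libId = $user['library_id'];
        $result['timeSpentOpts'] = $tsf->findByLibrary($libId);
        $result['patronTypeOpts'] = $ptf->findByLibrary($libId);
        $result['questionTypeOpts'] = $qtf->findByLibrary($libId);
        $result['questionFormatOpts'] = $qff->findByLibrary($libId);
        $result['locationOpts'] = $lf->findByLibrary($libId);
        $result['locationId'] = $lf->getLastLocationId($_SERVER['REMOTE_ADDR'], $libId);
        $result['user'] = $user;

        // NOTE(review): the question is fetched by id alone. Nothing visible
        // here checks that it belongs to the current user's library; confirm
        // getQuestion() or the template enforces that, otherwise any logged-in
        // user can open any question by changing questionId.
        $questionFinder = new QuestionFinder($db);
        $result['question'] = $questionFinder->getQuestion($questionId);
        // NOTE(review): 'answer' is filled from getQuestion() as well; kept
        // as-is because the finder's API is not visible from here.
        $result['answer'] = $questionFinder->getQuestion($questionId);

        // Raw request values handed to the template: they must be escaped on
        // output, and 'origin' must be validated again wherever it is used as
        // a redirect target.
        $result['delete_hide'] = gpwd('delete_hide');
        $result['origin'] = grwd('origin', 'questionAddForm.do');
    } else {
        // $questionId is numeric after the coercion above, so echoing it
        // cannot inject markup.
        echo "QuestionID {$questionId} not found";
        // Send somewhere else
    }

    return $result;
}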
/**
 * Collect the user-editing form fields into an array.
 *
 * gpwd() is defined elsewhere; presumably it reads a form field with an
 * optional default -- confirm against its definition.
 *
 * NOTE(security): 'admin', 'user_id' and 'library_id' all come straight from
 * the submitted form. This function performs no authorization; the caller
 * must verify that the current user may edit the target account and may
 * grant the admin flag before persisting the result.
 *
 * @return array Keys: user_id (submitted value when non-empty and numeric,
 *               else null), username, password (trimmed), library_id
 *               (coerced with "+ 0"), admin (1 or 0).
 */
function parseUserFromForm()
{
    $rawId = gpwd('user_id', 0);
    $rawName = gpwd('username', '');
    $rawPassword = gpwd('password', '');
    $rawLibrary = gpwd('library_id');
    $rawAdmin = gpwd('admin', 0);

    return array(
        // The id is kept exactly as submitted; anything that is empty or not
        // numeric becomes null.
        'user_id' => ($rawId && is_numeric($rawId)) ? $rawId : null,
        'username' => $rawName,
        'password' => trim($rawPassword),
        'library_id' => $rawLibrary + 0,
        // Any truthy value collapses to 1, everything else to 0.
        'admin' => $rawAdmin ? 1 : 0,
    );
}
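/**
 * Store a new question/answer record from the submitted form.
 *
 * On success the browser is redirected to questionAddForm.do so that a
 * refresh cannot submit the same record twice; on a database error the
 * request is handed to PageErrorAction.
 *
 * gpwd() and getRemoteIp() are defined elsewhere; gpwd() presumably reads a
 * form field with an optional default -- confirm against its definition.
 *
 * NOTE(review): nothing in this method checks an anti-CSRF token or that a
 * user is logged in; presumably the dispatcher does both -- confirm.
 *
 * @return mixed Result of PageErrorAction::perform() on failure; the success
 *               path redirects and exits.
 */
function perform()
{
    // Get the resources we need to do this update
    $db = $_REQUEST['db'];
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $questionFinder = new QuestionFinder($db);

    // Grok all the relevant data from the form. library_id and user_id come
    // from the session user, never from the form.
    $qHash = array();
    $qHash['library_id'] = $user['library_id'];
    $qHash['location_id'] = gpwd('location', null);
    $qHash['question_type_id'] = gpwd('questionType', null);
    $qHash['question_type_other'] = gpwd('questionTypeOther');
    $qHash['time_spent_id'] = gpwd('timeSpent', null);
    $qHash['patron_type_id'] = gpwd('patronType', null);
    $qHash['question_format_id'] = gpwd('questionFormat', null);
    $qHash['initials'] = gpwd('initials');
    $qHash['client_ip'] = getRemoteIp();
    $qHash['user_id'] = $_SESSION['userId'];
    $qHash['question'] = gpwd('question');
    $qHash['answer'] = gpwd('answer');
    $qHash['question'] = trim($qHash['question']);
    $qHash['answer'] = trim($qHash['answer']);

    // A record with neither question nor answer text is stored hidden.
    $qHash['hide'] = 0;
    if ($qHash['question'] == '' && $qHash['answer'] == '') {
        $qHash['hide'] = 1;
    }

    // Do the date
    $qHash['question_date'] = trim(gpwd('mydate', 'now'));
    if ($qHash['question_date'] == '') {
        $qHash['question_date'] = 'now';
    }
    // strtotime() reports failure as false (PHP >= 5.1) or -1 (older). Testing
    // only for -1 let false through, and date() then stored 1970-01-01.
    $stamp = strtotime($qHash['question_date']);
    if ($stamp !== false && $stamp != -1) {
        $qHash['question_date'] = date('Y-m-d H:i:s', $stamp);
    } else {
        $qHash['question_date'] = null;
    }
    $qHash['date_added'] = date('Y-m-d H:i:s');

    // Clean up qHash; make numbers really numeric. The dirty little
    // trick: add 0 to non-null values of the *_id keys.
    // NOTE(review): free-text fields (question, answer, initials, ...) are
    // passed on unchanged; addQuestion() must bind or quote them -- verify.
    foreach ($qHash as $key => $val) {
        if (strpos($key, '_id') !== false && $val != null) {
            $qHash[$key] = $val + 0;
        }
    }

    $target = "questionAddForm.do";
    $res = $questionFinder->addQuestion($qHash);
    if (!DB::isError($res)) {
        // Use a Location: header to fly back; we don't want to
        // be able to double-enter by mistake.
        //
        // The old code negated the string returned by strrchr(), which does
        // not yield the directory part of the URL, and it built the URL from
        // the client-supplied Host header. Redirect to a path-absolute
        // reference instead: directory of the current request path + target.
        $path = $_SERVER['REQUEST_URI'];
        $queryPos = strpos($path, '?');
        if ($queryPos !== false) {
            $path = substr($path, 0, $queryPos);
        }
        // Collapse leading slashes so the result can never be read as a
        // scheme-relative "//host/..." URL.
        $dir = '/' . ltrim(substr($path, 0, strrpos($path, '/') + 1), '/');
        header("Location: {$dir}{$target}");
        exit;
    } else {
        // A page error occurred!
        $_REQUEST['dbResult'] = $res;
        $act = new PageErrorAction();
        return $act->perform();
    }
}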
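/**
 * Apply the "edit question" form to an existing question record.
 *
 * On success the browser is redirected back to the page named by the
 * 'origin' request parameter, to avoid double posts on refresh. On a
 * database error the details are logged and a generic message is shown.
 *
 * gpwd() is defined elsewhere; presumably it reads a form field with an
 * optional default -- confirm against its definition.
 *
 * NOTE(review): the record is selected by the submitted questionId alone.
 * Nothing visible here checks that it belongs to the current user's library,
 * or that an anti-CSRF token was supplied; confirm editQuestion() or the
 * dispatcher enforces both.
 *
 * @return void The success path redirects and exits.
 */
function perform()
{
    // Get the resources we need to do this update
    $db = $_REQUEST['db'];
    $userFinder = new UserFinder($db); // constructed but not used in this method
    $questionFinder = new QuestionFinder($db);
    $questionId = gpwd('questionId', 0) + 0;

    // Test for DELETE. "Save" wins over "Delete". When neither button value
    // matches, the flag is 0 rather than whatever raw string was submitted,
    // so only 0 or 1 ever reaches the database layer.
    $save = gpwd('saveButton', '');
    $delete = gpwd('deleteButton', '');
    if ($save !== "Save Question / Answer" && $delete === "Delete") {
        $delete = 1;
    } else {
        $delete = 0;
    }

    // Grok all the relevant data from the form
    $qHash = array();
    $qHash['location_id'] = gpwd('location', null);
    $qHash['question_type_id'] = gpwd('questionType', null);
    $qHash['question_type_other'] = gpwd('questionTypeOther');
    $qHash['time_spent_id'] = gpwd('timeSpent', null);
    $qHash['patron_type_id'] = gpwd('patronType', null);
    $qHash['question_format_id'] = gpwd('questionFormat', null);
    $qHash['initials'] = gpwd('initials');
    $qHash['question'] = gpwd('question');
    $qHash['answer'] = gpwd('answer');
    $qHash['question'] = trim($qHash['question']);
    $qHash['answer'] = trim($qHash['answer']);
    $qHash['hide'] = 0;
    $qHash['delete_hide'] = $delete;
    if ($qHash['question'] == '' && $qHash['answer'] == '') {
        $qHash['hide'] = 1;
    }

    // Do the date -- if we can't parse it, don't change it!
    // strtotime() reports failure as false (PHP >= 5.1) or -1 (older); the
    // old "-1 only" test let false through and overwrote the stored date
    // with 1970-01-01.
    $qTime = trim(gpwd('questionDate', ''));
    if ($qTime != '') {
        $stamp = strtotime($qTime);
        if ($stamp !== false && $stamp != -1) {
            $qHash['question_date'] = date('Y-m-d H:i:s', $stamp);
        }
    }

    // Clean up qHash; make numbers really numeric. The dirty little
    // trick: add 0 to non-null values of the *_id keys.
    // NOTE(review): free-text fields are passed on unchanged; editQuestion()
    // must bind or quote them -- verify.
    foreach ($qHash as $key => $val) {
        if (strpos($key, '_id') !== false && $val != null) {
            $qHash[$key] = $val + 0;
        }
    }

    $res = $questionFinder->editQuestion($questionId, $qHash);
    if (!DB::isError($res)) {
        // Use a Location: header to fly back, to avoid people refreshing
        // and posting twice -- a common problem.
        //
        // 'origin' is request data. The old code appended it unchecked to a
        // URL prefix that came out empty (it negated the string returned by
        // strrchr()), so the client chose the whole redirect target. Accept
        // only a relative page reference: no scheme, no leading slash, no
        // backslash; optional query string. Anything else falls back to
        // questionAddForm.do.
        $origin = isset($_REQUEST['origin']) ? $_REQUEST['origin'] : '';
        $relativeRef = '/^[A-Za-z0-9_.-]+(\/[A-Za-z0-9_.-]+)*(\?[A-Za-z0-9_.~%&=+-]*)?\z/';
        if (!is_string($origin) || !preg_match($relativeRef, $origin)) {
            $origin = 'questionAddForm.do';
        }

        // Redirect to a path-absolute reference built from the current
        // request path, so the client-supplied Host header is not trusted.
        $path = $_SERVER['REQUEST_URI'];
        $queryPos = strpos($path, '?');
        if ($queryPos !== false) {
            $path = substr($path, 0, $queryPos);
        }
        // Collapse leading slashes so the result can never be read as a
        // scheme-relative "//host/..." URL.
        $dir = '/' . ltrim(substr($path, 0, strrpos($path, '/') + 1), '/');
        header("Location: {$dir}{$origin}");
        exit;
    } else {
        // Keep the database error object out of the response: dumping it can
        // expose SQL and connection details. Log it for the operator instead.
        error_log('editQuestion failed: ' . print_r($res, true));
        echo "<pre>The question could not be saved.</pre>";
    }
}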